mplayer heap overflow in http requests

Details

VuXML ID

5e7f58c3-b3f8-4258-aeb8-795e5e940ff8

Discovery

2004-03-30

Entry

2004-03-31

Modified

2004-06-27

A remotely exploitable heap buffer overflow vulnerability was
found in MPlayer's URL decoding code. If an attacker can
cause MPlayer to visit a specially crafted URL, arbitrary code
execution with the privileges of the user running MPlayer may
occur. A `visit' might be caused by social engineering, or a
malicious web server could use HTTP redirects which MPlayer
would then process.